There was an error while loading /apis/credentials/oauthclient?previousPage=%2Fapis%2Fcredentials%3Fproject%3Dmidbooks-8800&project=midbooks-8800. Please try again.
Tracking Number: c7520181810687758
show error when create credentials OAuth cliend id
add some libraries like google+ api and add some scopes but didn't solve
Related
I'm receiving an Authorization error when attempting to generate an authorization code:
Error 400: invalid_request
You can't sign in to this app because it doesn't comply with Google's
OAuth 2.0 policy for keeping apps secure.
If you’re the app developer, make sure that these request details
comply with Google policies. redirect_uri: urn:ietf:wg:oauth:2.0:oob
I've used this Google tutorial to replicate and confirm the issue:
https://developers.google.com/assistant/sdk/guides/service/python/embed/install-sample?hl=en_US
It is generating this URL:
https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=[HIDDEN]&redirect_uri=urn%3Aietf%3Awg%3Aoauth%3A2.0%3Aoob&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fassistant-sdk-prototype&state=[HIDDEN]&prompt=consent&access_type=offline
Here is a workaround provided by jdtoth on Github: https://github.com/greghesp/assistant-relay/issues/266#issuecomment-1065940698
Thanks jdtoth!
I found a workaround for creating a new user. In my case, I needed to
create a specific type of API credential. Here is what I did:
Create a new OAuth Client credential using the link below, ensuring
the application type is "Web application" and set Authorized Redirect
URIs to "http://localhost"
https://console.cloud.google.com/apis/credentials
Download the key, and create the user in the Assistant Relay appas you
tried before. When it opens a new browser window to authorize the
google account, you might need to bypass a warning. After you do this,
a blank browser window will open but the address bar will contain the
auth code you need. Grab the code from the relevant part of the URL
here and paste it back into the Assistant Relay app:
http://localhost/?code=COPYCODEFROMHERE&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fassistant-sdk-prototype
Let me know if this works. I am successfully sending commands to the
Assistant Relay server but nothing is playing on my speakers.
I have trouble creating a Google API OAuth2.0 token though following all the steps here: [OAuth2 Authentication](
https://developers.google.com/adwords/api/docs/guides/authentication?authuser=1)
When trying to create the token through the OAuth2.0 playground:
OAUTH 2.0 playground
I end up with this error:
Discussion on similar threads tried to give some guidance but without any luck in my case.
Add google.com in the authorized domain list of your app's OAuth consent screen.
Click on the application for which you want to configure for the next step:
Make sure to also add 'https://developers.google.com' in the Authorized JavaScript origins and 'https://developers.google.com/oauthplayground' in the Authorized redirect URIs[click 'save' below once added]:
You are applying your own client id and client secret to Oauth2 playground you are also using browser credentials.
For browser credentials to work it must be able to return the token to an endpoint that can handle it and that endpoint (Redirect uri) must be registered in the Google Developer console for that project.
if you check your first picture under the check box you clicked
You will need to list the URL https://developers.google.com/oauthplayground as a valid redirect URI in your Google APIs Console's project. Then enter the client ID and secret assigned to a web application on your project below:
Try adding that URL as it says.
I am getting the below error while login with google through Keycloak.
401. That’s an error.
Error: deleted_client
The OAuth client was deleted.
Request Details That’s all we know.
The application you are using has a client id created via google developers console. The client id in question was deleted your going to have to create a new client id and recompile your application.
That is assuming this "keyCloak" is your own application if not then you should contact the developer of the application they have a problem
I'm trying to integrate Google with Amazon Cognito in an iOS application using the Google Sign-In SDK but I can't seem to figure out how to obtain the JWT id token correctly. Everything is set up correctly, I believe, as both Google Sign-In and Cognito work independently.
I am setting up the GIDSignIn like this.
[GIDSignIn sharedInstance].scopes = #[kGTLAuthScopePlusLogin, kGTLAuthScopeDrive];
[[GIDSignIn sharedInstance] setClientID:kClientID];
[GIDSignIn sharedInstance] setServerClientID:kServerClientId];
and then to get the id_token, as specified here with the exception being that I am using Google Sign-In and not Google+ signin, which has no GTMOAuth2Authentication.
- (void)googleSignedIn:(GIDGoogleUser *) user
{
NSLog(#"AWSManager: Google signed in, id token = %#", user.authentication.idToken);
NSString *idToken = user.authentication.idToken;
self.credentialsProvider.logins = #{ #(AWSCognitoLoginProviderKeyGoogle): idToken};
but the idtoken is not json formatted web token, it is just a hunk of characters. AWS throws this error --
AWSiOSSDKv2 [Error] AWSIdentityProvider.m line:185
| __51-[AWSAbstractCognitoIdentityProvider getIdentityId]_block_invoke169
| GetId failed.
Error is [Error Domain=com.amazonaws.AWSCognitoIdentityErrorDomain Code=9
"The operation couldn’t be completed. (com.amazonaws.AWSCognitoIdentityErrorDomain error 9.)"
UserInfo=0x8fa5eb8e4e40{__type=NotAuthorizedException, message=Token is not from a supported provider of this identity pool.}]
I have no idea what I'm to do. I'm pretty new to objective-c and have done all of this on Android before. On android I did:
String mServerClientId = "audience:server:client_id:xxxxxxxxxx.apps.googleusercontent.com"
String token = GoogleAuthUtil.getToken(getApplicationContext(), accountName, mServerClientId);
to retrieve the tokens, but far as I can tell there's nothing like that on iOS. I can provide more information if needed.
Thanks!
From the error it looks like the clientId is not setup correctly in the identity pool configuration. Google has different client ids for each platform, to support multiple client ids, you should use the Cognito's support for generic OpenID Connect Identity Providers. Please follow these steps:
Go to AWS IAM Console's identity provider section .
Create an OpenId Connect Identity Provider with provider URL as https://accounts.google.com and Audience as one of the client Ids.
Follow the steps to create identity provider and later you will have an option to add additional client ids.
Go to Amazon Cognito Console.
Create or edit an identity pool and add the OpenID connect identity provider to the pool. This will allow you to trust multiple client Ids.
You can follow the Cognito documentation for Google login here and OpenID connect providers here.
Additionally, the token which you are getting is actually Base64 encoded. It has three parts separated by a period.
The algorithm which is used.
The payload.
The signature which Cognito validates.
You can use this cool tool for decoding the tokens.
Thanks,
Rachit
I would like help obtaining/locating the correct access_token value for an API call.
I'm configuring an application that wants to search Facebook using the graph-api search request at https://graph.facebook.com/fql, for which I need an access_token. The application is a backend server so there's no UI and no users.
I registered a new 'app' using the developer pages 'Create a New App' link, so I now have an app at: https://developers.facebook.com/apps/<> and from that I get an 'app secret' token. Digging into the Advanced settings page for the app there is also a Client token.
However using either token results in the following JSON error:
{"error":{"message":"Invalid OAuth access token.","type":"OAuthException","code":190}}
Can anyone point me to where I've gone wrong?
==
The following 'curl' request demonstrates the command working correctly, but it's only usable token-less like this occasionally, so the app needs &access_token=...stuff... adding to the parameters.
$ curl 'https://graph.facebook.com/fql?q=select%20url,%20share_count,%20like_count,%20comment_count,%20click_count,%20total_count%20from%20link_stat%20where%20url%20=%20"http%253A%252F%252Felifesciences.org%252Fcontent%252F2%252Fe01233"'
{"data":[{"url":"http\u00253A\u00252F\u00252Felifesciences.org\u00252Fcontent\u00252F2\u00252Fe01233","share_count":0,"like_count":0,"comment_count":0,"click_count":0,"total_count":0}]}
The 'app secret' and 'Client token' will not work.
What you need is an Access Token, refer to this.